Detailed release information
5.0.1.76 / GUI 1.2.29
5.0.0.72 / GUI 1.2.29
General
-
Renamed application to Net iD Portal including assembies and namespaces.
-
Requirement of Microsoft .NET Framework 4.5.X.
-
Added: Support for Oracle MySQL database server (developed and tested for version 5.6).
-
Added: Support for separated impersonation credentials for Microsoft SQL Server.
-
Added: Support for SQL Transaction commitments and roll backs against Microsoft SQL Server and Oracle MySQL Server.
-
Added: Support for SQL Parameter transaction structure against Microsoft SQL Server and Oracle MySQL Server.
-
Added: Support for Microsoft SQL Server 2014 Service Pack 1.
-
Added: Support for SSL/TLS for Microsoft Active Directory.
-
Added: Support for unlimited of multiple directory services.
-
Added: Support for cross-over directory services.
-
Added: Support for Microsoft Enrollment Computer Agent structure for Microsoft Certificate Authority.
-
Added: Support for search and revoke certificates directly to EJBCA database, as well as MSCA database.
-
Added: Support for Enterprise Java Beans Certificate Authority (EJBCA) 6.0.3.
-
Added: Support for Trace Server.
-
Added: Support for Gemalto card management and production system.
-
Added: Support for Nexus card management and production system (for initial tests).
-
Added: Support for Representational State Transfer Web Services (see the Enhanced Web Service Support section).
-
Added: Support for generating PDF files using Windows Presentaion Foundation library.
System
-
Enhanced Cryptography Support:
-
Support: SHA-1, SHA-256, SHA-384 and SHA-512 hash algorithms.
-
Support: SHA-1, SHA-256, SHA-384 and SHA-512 RSA signature algorithms.
-
Support: SHA-1, SHA-256, SHA-384 and SHA-512 ECDSA signature algorithms.
-
Support: SHA-1 DSA signature algorithms.
-
Added: Support for ECC (Elliptic Curve Cryptography):
-
Support: ECDSA_P256, ECDSA_P384 and ECDSA_P521 signature algorithms for Microsoft Certificate Authority.
-
Support: ECDH_P256, ECDH_P384 and ECDH_P521 encryption algorithms for Microsoft Certificate Authority.
-
Support: ECC curves: secp192r1, secp224k1, secp256k1, secp256r1, secp384r1 and secp521r1.
-
Support: Bitcoin transaction signatures with the secp256k1 curve.
-
Support: SHA-1, SHA-256, SHA-384 and SHA-512 ECDSA signature algorithms.
-
Support: ECC for Microsoft Certificate Authority 6.0, 6.1, 6.2 and 6.3.
-
Support: ECC for Enterprise Java Beans Certificate Authority (developed and tested for EJBCA 6.0.3).
-
Support: Signatures with X509 certificates and ECC.
-
Support: Client certificates with ECC.
-
Support: Server certificates with ECC.
-
-
Enhanced XML Digital Signature Support:
-
Support: SHA-1, SHA-256, SHA-384 and SHA-512 hash algorithms as Uniform Resource Identifiers (RFC3075 standard).
-
Support: SHA-1, SHA-256, SHA-384 and SHA-512 RSA signature algorithms as Uniform Resource Identifiers (RFC3075 standard).
-
Support: SHA-1, SHA-256, SHA-384 and SHA-512 ECDSA signature algorithms as Uniform Resource Identifiers (RFC4050 standard).
-
Support: SHA-1 DSA signature algorithms as Uniform Resource Identifiers (RFC3075 standard).
-
Support: DSA/RSA/ECDSA key value objects as well as X509Data as KeyInfo.
-
Added: Interface for creating signed XML for external use (i.e. signing XML with Net iD Enterprise).
-
-
Enhanced XML Encryption Support:
-
Support: SHA-1, SHA-256, SHA-384 and SHA-512 hash algorithms.
-
Support: Elliptic Curve Diffie Hellman with AES, Blowfish and Twofish block cipher.
-
-
-
Enhanced Certificate Authority Support:
-
New implementation of EnrollmentMode structure:
-
AgentSigner.
-
Modifier.
-
Stamping.
-
-
New implementation of SubjectName attribute enum structure with auto OID parsing:
-
CommonName (2.5.4.6)
-
GivenName (2.5.4.42)
-
Surname (2.5.4.4)
-
Initials (2.5.4.43)
-
UnstructedName (1.2.840.113549.1.9.2)
-
Email (1.2.840.113549.1.9.1)
-
StreetAddress (2.5.4.8)
-
UnstructedAddress (1.2.840.113549.1.9.8)
-
SERIALNUMBER (2.5.4.5)
-
Title (2.5.4.12)
-
OrganizationalUnit (2.5.4.11)
-
Organization (2.5.4.10)
-
DomainComponent (0.9.2342.19200300.100.1.25)
-
Locality (2.5.4.7)
-
State (2.5.4.8)
-
Country (2.5.4.6)
-
-
New implementation of X509Extensions structure:
-
SubjectAlternativeName (2.5.29.17) with auto IA5 string parsing:
-
OtherName: PrincipalName.
-
OtherName: Global Unique Identifier.
-
RFC822Name.
-
DNSName:
-
Uniform Resource Identifier.
-
DirectoryName.
-
IPAddress.
-
Registered OID (support MS ADCS only).
-
-
-
KeyUsage (2.5.29.15) with auto flag parsing:
-
NoKeyUsage (0)
-
DigitalSignature (0x80)
-
NonRepudiation (0x40)
-
KeyEncipherment (0x20)
-
DataEncipherment (0x10)
-
KeyAgreement (0x8)
-
CertificateSigning (0x4)
-
OfflineCrlSigning (0x2)
-
CrlSigning (0x2)
-
EncipherOnly (0x1)
-
DecipherOnly (0x80 << 8)
-
-
ExtendedKeyUsage (2.5.29.37) with auto OID parsing:
-
BitLocker Drive Encryption (1.3.6.1.4.1.311.67.1.1)
-
ClientAuthentication (1.3.6.1.5.5.7.3.2)
-
ServerAuthentication (1.3.6.1.5.5.7.3.1)
-
EmailProtection (1.3.6.1.5.5.7.3.4)
-
SmartCardLogon (1.3.6.1.4.1.311.20.2.2)
-
EncryptingFileSystem (1.3.6.1.4.1.311.10.3.4)
-
FileRecovery (1.3.6.1.4.1.311.10.3.4.1)
-
-
SEIS Card Number (1.2.752.34.2.1)
-
Qualified Certificate Statements (1.3.6.1.5.5.7.1.3)
-
Enhanced support of: Microsoft Active Directory Certificate Service Enterprise type (MSCA / ADCS):
-
Support: EnrollmentMode > AgentSigner.
-
Support: EnrollmentMode > Modifier.
-
Support: Enrollment with Computer Enrollment Agent against Microsoft UserLogon objects with default templates.
-
Support: Enrollment with Computer Enrollment Agent against Microsoft UserLogon objects with customized templates.
-
Support: DSA/RSA/ECC (more information in the "Enhanced Cryptography Support" section in this document).
-
Enhanced: Modified enrollment structure against non-Microsoft user objects.
-
-
Enhanced support of: Microsoft Active Directory Certificate Service Stand-Alone type (MSCA / ADCS):
-
Support: EnrollmentMode > Modifier.
-
Support: EnrollmentMode > Stamping.
-
Support: Modified enrollment structure against non-Microsoft user objects.
-
Support: Server certificates enrollment as well as user certificates.
-
Support: Key recovery.
-
Support: DSA/RSA/ECC (more information in the "Enhanced Cryptography Support" section in this document).
-
-
Enhanced support of: PrimeKey Enterprise Java Beans Certificate Authority (EJBCA):
-
Support: EnrollmentMode > Modifier.
-
Enhanced: Server certificate enrollment.
-
Enhanced: Key recovery.
-
Support: DSA/RSA/ECC (more information in the "Enhanced Cryptography Support" section in this document).
-
-
Enhanced support of: Certificate validation against CDP (CRL Distribution Points):
-
New improved: Web client for downloading CRL through HTTP.
-
Possible to validate certificate of its own CDP.
-
Possible to validate certificate of static CDP list.
-
-
Added support of: Certificate validation against OCSP (Online Certificate Status Protocol):
-
Support: OCSP requests with HTTP POST verb.
-
Possible to validate certificate of its own AIA.
-
Possible to validate certificate if static OCSP list.
-
-
-
Enhanced Authentication Provider support:
-
New improved internal server ticket structure.
-
Server ticket handler for Microsoft Windows authentication:
-
Microsoft Kerberos.
-
Microsoft NTLM.
-
Microsoft Negotiate Layer.
-
X509 certificate.
-
-
Server ticket handler for non-authentication:
-
X509 certificate.
-
-
-
New improved internal client ticket structure:
-
Client ticket handler for Net iD Enterprise:
-
X509 certificate.
-
-
-
-
Enhanced ISO 8601 date time standard support:
-
All date objects always returns as ISO 8601 sortable pattern string (YYYY-MM-DD).
-
All time objects always returns as ISO 8601 sortable pattern string (HH:MM:SS).
-
All date-time objects always returns as ISO 8601 sortable pattern string (YYYY-MM-DD HH:MM:SS).
-
All date-time objects will stored in database as ISO 8601 sortable pattern objects (YYYY-MM-DD HH:MM:SS).
-
-
Enhanced Trace:
-
Dynamic set of current class and method.
-
Simplier reading of trace:
-
All operations logs properties before invoking.
-
All operations logs "begin" and "end" for each thread of operation.
-
-
Trace Server:
-
Possible to call the Generic Service interface to asynchronously write logs to file.
-
Better performance for large amount of users at the same time.
-
-
Trace Constructor:
-
Looking for current calling assembly for default runtime.
-
Looking for the attribute "UseAPI" in license file for non-default runtime.
-
-
-
Enhanced Microsoft Active Directory Lightweight Directory Services support.
-
Enhanced Microsoft Active Directory Federation Service support.
-
Enhanced Claims Principal support as SAML 2.0 security token receiving.
-
Enhanced Impersonation support:
-
Possible to impersonate third party services with different service accounts:
-
Microsoft Active Directory Service.
-
Microsoft Active Directory Lightweight Directory Service.
-
Microsoft Certificate Authority Service.
-
Microsoft SQL Server service.
-
-
-
Enhanced Web Service support (ongoing):
-
Support: Simple Object Access Protocol (SOAP).
-
Support: Representational State Transfer (REST).
-
Uses HTTP 1.1 verbs (GET, POST, PUT, and DELETE).
-
Possible to return output data as XML.
-
Possible to return output data as JavaScript Object Notation (JSON).
-
-
Multiple endpoints:
-
basicHttpBinding for SOAP with possibility to use SSL/TLS transfer with certificates and none transfer.
-
webHttpBinding for REST and XML with possibility to use SSL/TLS transfer with certificates and none transfer.
-
webHttpBinding for REST and JSON with possibility to use SSL/TLS transfer with certificates and none transfer.
-
Dynamic endpoints configuration in configuration file that will be used by IIS.
-
-
-
Discontinued: Support for Microsoft Windows NT 5.X:
-
Discontinued: Support for Microsoft Windows Server 2003 (Microsoft Certificate Authority 5.2 is still supported).
-
Discontinued: Support for Microsoft Windows Server 2003 R2 (Microsoft Certificate Authority 5.2 is still supported).
-
Discontinued: Support for Microsoft Internet Information Services 6.0.
-
-
Discontinued: Support for Novell eDirectory LDAP wrapper.
-
Discontinued: Support for ASMX Web Services.